SAP SAP Enterprise Application Software

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any SAP product.

Products by SAP Sorted by Most Security Vulnerabilities since 2018

SAP NetWeaver42 vulnerabilities

SAP Business One29 vulnerabilities

SAP Solution Manager29 vulnerabilities

SAP Netweaver Abap22 vulnerabilities

SAP Commerce Cloud17 vulnerabilities

SAP S4hana16 vulnerabilities

SAP Enable Now14 vulnerabilities

SAP Host Agent13 vulnerabilities

SAP Abap Platform11 vulnerabilities

SAP Web Dispatcher11 vulnerabilities

SAP S4core10 vulnerabilities

SAP Businessobjects9 vulnerabilities

SAP Landscape Management8 vulnerabilities

SAP Cloud Connector8 vulnerabilities

SAP Commerce7 vulnerabilities

Sapscore7 vulnerabilities

SAP S4 Hana6 vulnerabilities

SAP Basis6 vulnerabilities

SAP Hana Database6 vulnerabilities

SAP Business Warehouse5 vulnerabilities

SAP Bw4hana5 vulnerabilities

SAP S4fnd5 vulnerabilities

SAP Powerdesigner5 vulnerabilities

SAP Content Server5 vulnerabilities

SAP Sql Anywhere5 vulnerabilities

SAP Fiori Launchpad4 vulnerabilities

SAP Ui4 vulnerabilities

SAP Gui For Windows3 vulnerabilities

SAP Netweaver As Abap Kernel3 vulnerabilities

SAP Graphical User Interface3 vulnerabilities

SAP Fiori3 vulnerabilities

SAP Commoncryptolib3 vulnerabilities

SAP Diagnostics Agent3 vulnerabilities

SAP Bank Account Management2 vulnerabilities

SAP Document Builder2 vulnerabilities

SAP Master Data Governance2 vulnerabilities

Known Exploited SAP Vulnerabilities

The following SAP vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title Description Added
SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability SAP Commerce Cloud (formerly known as Hybris) contains a deserialization of untrusted data vulnerability within the mediaconversion and virtualjdbc extension that allows for code injection.
CVE-2019-0344 Exploit Probability: 28.4%
September 30, 2024
SAP Multiple Products HTTP Request Smuggling Vulnerability SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server and SAP Web Dispatcher allow HTTP request smuggling. An unauthenticated attacker can prepend a victim's request with arbitrary data, allowing for function execution impersonating the victim or poisoning intermediary Web caches.
CVE-2022-22536 Exploit Probability: 95.7%
August 18, 2022
SAP NetWeaver Unrestricted File Upload vulnerability SAP NetWeaver contains a vulnerability that allows unrestricted file upload.
CVE-2021-38163 Exploit Probability: 92.2%
June 9, 2022
SAP NetWeaver SQL Injection Vulnerability SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2016-2386 Exploit Probability: 55.4%
June 9, 2022
SAP NetWeaver Information Disclorsure Vulnerability The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.
CVE-2016-2388 Exploit Probability: 0.9%
June 9, 2022
SAP NetWeaver AS JAVA CRM Remote Code Execution Vulnerability SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
CVE-2018-2380 Exploit Probability: 6.2%
November 3, 2021
SAP NetWeaver AS JAVA Remote Code Execution Vulnerability The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request.
CVE-2010-5326 Exploit Probability: 44.5%
November 3, 2021
SAP NetWeaver AS JAVA XXE Vulnerability BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.
CVE-2016-9563 Exploit Probability: 84.2%
November 3, 2021
SAP Netweaver JAVA remote unauthenticated access vulnerability SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system.
CVE-2020-6287 Exploit Probability: 97.4%
November 3, 2021
SAP Solution Manager Missing Authentication Check Complete Compromise of SMD Agents vulnerability SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager.
CVE-2020-6207 Exploit Probability: 97.3%
November 3, 2021
SAP NetWeaver AS Java 7.1 - 7.5 Directory Traversal Vulnerability Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971.
CVE-2016-3976 Exploit Probability: 96.9%
November 3, 2021

Of the known exploited vulnerabilities above, 5 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings. 4 known exploited SAP vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.

By the Year

In 2025 there have been 0 vulnerabilities in SAP. Last year, in 2024 SAP had 76 security vulnerabilities published. Right now, SAP is on track to have less security vulnerabilities in 2025 than it did last year.




Year Vulnerabilities Average Score
2025 0 0.00
2024 76 5.91
2023 165 6.69
2022 187 6.70
2021 204 6.73
2020 207 6.24
2019 123 6.67
2018 127 6.93

It may take a day or so for new SAP vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent SAP Security Vulnerabilities

SAP BusinessObjects BI Platform Information Disclosure Vulnerability

CVE-2024-32732 - December 10, 2024

Under certain conditions SAP BusinessObjects Business Intelligence platform allows an attacker to access information which would otherwise be restricted.This has low impact on Confidentiality with no impact on Integrity and Availability of the application.

Exposure of Sensitive System Information to an Unauthorized Control Sphere

SAP Commerce Cloud Assisted Service Module Information Disclosure Vulnerability

CVE-2024-47577 - December 10, 2024

Webservice API endpoints for Assisted Service Module within SAP Commerce Cloud has information disclosure vulnerability. When an authorized agent searches for customer to manage their accounts, the request url includes customer data and it is recorded in server logs. If an attacker impersonating as authorized admin visits such server logs, then they get access to the customer data. The amount of leaked confidential data however is extremely limited, and the attacker has no control over what data is leaked.

Cleartext Transmission of Sensitive Information

SAP NetWeaver ABAP Privilege Escalation Vulnerability

CVE-2024-47585 - December 10, 2024

SAP NetWeaver Application Server for ABAP and ABAP Platform allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks, resulting in privilege escalation. While authorizations for import and export are distinguished, a single authorization is applied for both, which may contribute to these risks. On successful exploitation, this can result in potential security concerns. However, it has no impact on the integrity and availability of the application and may have only a low impact on data confidentiality.

AuthZ

SAP NetWeaver Administrator SSRF Vulnerability

CVE-2024-54197 - December 10, 2024

SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in Server-Side Request Forgery (SSRF) which could have a low impact on integrity and confidentiality of data. It has no impact on availability of the application.

SSRF

SAP NetWeaver AS ABAP RFC Request Credential Exposure Vulnerability

CVE-2024-54198 - December 10, 2024

In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely compromise the remote service, potentially resulting in a significant impact on the confidentiality, integrity, and availability of the application.

Improper Control of Dynamically-Identified Variables

SAP NetWeaver AS Java (System Landscape Directory) Authorization Bypass Vulnerability

CVE-2024-42372 - November 12, 2024

Due to missing authorization check in SAP NetWeaver AS Java (System Landscape Directory) an unauthorized user can read and modify some restricted global SLD configurations causing low impact on confidentiality and integrity of the application.

AuthZ

SAP NetWeaver ABAP Kernel Null Pointer Dereference Denial of Service Vulnerability

CVE-2024-47586 - November 12, 2024

SAP NetWeaver Application Server for ABAP and ABAP Platform allows an unauthenticated attacker to send a maliciously crafted http request which could cause a null pointer dereference in the kernel. This dereference will result in the system crashing and rebooting, causing the system to be temporarily unavailable. There is no impact on Confidentiality or Integrity.

NULL Pointer Dereference

SAP NetWeaver Java Software Update Manager 1.1 Credential Exposure Vulnerability

CVE-2024-47588 - November 12, 2024

In SAP NetWeaver Java (Software Update Manager 1.1), under certain conditions when a software upgrade encounters errors, credentials are written in plaintext to a log file. An attacker with local access to the server, authenticated as a non-administrative user, can acquire the credentials from the logs. This leads to a high impact on confidentiality, with no impact on integrity or availability.

Insufficiently Protected Credentials

SAP NetWeaver AS Java Unauthenticated User ID Brute Force Vulnerability

CVE-2024-47592 - November 12, 2024

SAP NetWeaver AS Java allows an unauthenticated attacker to brute force the login functionality in order to identify the legitimate user IDs. This has an impact on confidentiality but not on integrity or availability.

SAP NetWeaver ABAP Server File Disclosure Vulnerability

CVE-2024-47593 - November 12, 2024

SAP NetWeaver Application Server ABAP allows an unauthenticated attacker with network access to read files from the server, which otherwise would be restricted.This attack is possible only if a Web Dispatcher or some sort of Proxy Server is in use and the file in question was previously opened or downloaded in an application based on SAP GUI for HTML Technology. This will not compromise the application's integrity or availability.

SAP NetWeaver AS ABAP Privilege Escalation Vulnerability

CVE-2024-47595 7.1 - High - November 12, 2024

An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access. On successful exploitation the attacker could cause high impact on confidentiality and integrity of the application.

Incorrect Privilege Assignment

SAP BusinessObjects Business Intelligence Platform

CVE-2024-37179 6.5 - Medium - October 08, 2024

SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted request to the Web Intelligence Reporting Server to download any file from the machine hosting the service, causing high impact on confidentiality of the application.

Unrestricted File Upload

The SAP HANA Node.js client package versions from 2.0.0 before 2.21.31 is impacted by Prototype Pollution vulnerability

CVE-2024-45277 4.3 - Medium - October 08, 2024

The SAP HANA Node.js client package versions from 2.0.0 before 2.21.31 is impacted by Prototype Pollution vulnerability allowing an attacker to add arbitrary properties to global object prototypes. This is due to improper user input sanitation when using the nestTables feature causing low impact on the availability of the application. This has no impact on Confidentiality and Integrity.

Prototype Pollution

SAP Commerce Backoffice does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability

CVE-2024-45278 5.4 - Medium - October 08, 2024

SAP Commerce Backoffice does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application.

XSS

Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method

CVE-2024-45282 5.3 - Medium - October 08, 2024

Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations. Confidentiality and Availability are not impacted.

Trusting HTTP Permission Methods on the Server Side

SAP NetWeaver Enterprise Portal (KMC) does not sufficiently encode user-controlled inputs

CVE-2024-47594 5.4 - Medium - October 08, 2024

SAP NetWeaver Enterprise Portal (KMC) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability in KMC servlet. An attacker could craft a script and trick the user into clicking it. When a victim who is registered on the portal clicks on such link, confidentiality and integrity of their web browser session could be compromised.

XSS

Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform

CVE-2024-41728 2.7 - Low - September 10, 2024

Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impact on confidentiality, as this attacker would otherwise not have access to view these objects.

AuthZ

Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will

CVE-2024-44112 4.3 - Medium - September 10, 2024

Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow them to delete non-sensitive entries in a user data table. There is no effect on confidentiality or availability.

AuthZ

SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program

CVE-2024-44114 2.7 - Low - September 10, 2024

SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network. This results in a minimal impact on confidentiality of the application.

AuthZ

SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.

CVE-2024-39591 5.3 - Medium - August 13, 2024

SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.

AuthZ

Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction

CVE-2024-41734 4.3 - Medium - August 13, 2024

Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user related information. There is no impact on integrity or availability.

AuthZ

SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users

CVE-2024-42373 5.4 - Medium - August 13, 2024

SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could allow an attacker to delete non-sensitive report variants that are typically restricted, causing minimal impact on the integrity of the application.

AuthZ

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network

CVE-2024-28166 4.3 - Medium - August 13, 2024

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. On successful exploitation, the attacker can cause a low impact on the Integrity of the application.

Unrestricted File Upload

Some OCC API endpoints in SAP Commerce Cloud

CVE-2024-33003 9.1 - Critical - August 13, 2024

Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters. On successful exploitation, this could lead to a High impact on confidentiality and integrity of the application.

Information Disclosure

BEx Web Java Runtime Export Web Service does not sufficiently validate an XML document accepted from an untrusted source

CVE-2024-42374 8.2 - High - August 13, 2024

BEx Web Java Runtime Export Web Service does not sufficiently validate an XML document accepted from an untrusted source. An attacker can retrieve information from the SAP ADS system and exhaust the number of XMLForm service which makes the SAP ADS rendering (PDF creation) unavailable. This affects the confidentiality and availability of the application.

aka Blind XPath Injection

Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP and Java), and SAP Content Server

CVE-2024-33005 6.3 - Medium - August 13, 2024

Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP and Java), and SAP Content Server can impersonate other users and may perform some unintended actions. This could lead to a low impact on confidentiality and a high impact on the integrity and availability of the applications.

AuthZ

In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user

CVE-2024-41730 9.8 - Critical - August 13, 2024

In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint. The attacker can fully compromise the system resulting in High impact on confidentiality, integrity and availability.

AuthZ

In SAP Commerce, valid user accounts can be identified during the customer registration and login processes

CVE-2024-41733 5.3 - Medium - August 13, 2024

In SAP Commerce, valid user accounts can be identified during the customer registration and login processes. This allows a potential attacker to learn if a given e-mail is used for an account, but does not grant access to any customer data beyond this knowledge. The attacker must already know the e-mail that they wish to test for. The impact on confidentiality therefore is low and no impact to integrity or availability

Information Disclosure

SAP Commerce Backoffice does not sufficiently encode user-controlled inputs

CVE-2024-41735 5.4 - Medium - August 13, 2024

SAP Commerce Backoffice does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability causing low impact on confidentiality and integrity of the application.

XSS

Under certain conditions SAP Permit to Work

CVE-2024-41736 4.3 - Medium - August 13, 2024

Under certain conditions SAP Permit to Work allows an authenticated attacker to access information which would otherwise be restricted causing low impact on the confidentiality of the application.

Information Disclosure

SAP CRM ABAP (Insights Management)

CVE-2024-41737 5 - Medium - August 13, 2024

SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the application.

SSRF

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network

CVE-2024-42375 4.3 - Medium - August 13, 2024

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. On successful exploitation, the attacker can cause a low impact on the Integrity of the application.

Unrestricted File Upload

SAP Shared Service Framework does not perform necessary authorization check for an authenticated user

CVE-2024-42376 6.5 - Medium - August 13, 2024

SAP Shared Service Framework does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. On successful exploitation, an attacker can cause a high impact on confidentiality of the application.

AuthZ

SAP shared service framework

CVE-2024-42377 4.3 - Medium - August 13, 2024

SAP shared service framework allows an authenticated non-administrative user to call a remote-enabled function, which will allow them to insert value entries into a non-sensitive table, causing low impact on integrity of the application

AuthZ

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network

CVE-2024-41731 4.3 - Medium - August 13, 2024

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. On successful exploitation, the attacker can cause a low impact on the Integrity of the application.

Unrestricted File Upload

SAP NetWeaver Application Server ABAP allows an unauthenticated attacker to craft a URL link that could bypass allowlist controls

CVE-2024-41732 5.4 - Medium - August 13, 2024

SAP NetWeaver Application Server ABAP allows an unauthenticated attacker to craft a URL link that could bypass allowlist controls. Depending on the web applications provided by this server, the attacker might inject CSS code or links into the web application that could allow the attacker to read or modify information. There is no impact on availability of application.

WebFlow Services of SAP Business Workflow

CVE-2024-34689 5 - Medium - July 09, 2024

WebFlow Services of SAP Business Workflow allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the application.

SSRF

Due to missing verification of file type or content, SAP Enable Now allows an authenticated attacker to upload arbitrary files

CVE-2024-34692 4.6 - Medium - July 09, 2024

Due to missing verification of file type or content, SAP Enable Now allows an authenticated attacker to upload arbitrary files. These files include executables which might be downloaded and executed by the user which could host malware. On successful exploitation an attacker can cause limited impact on confidentiality and Integrity of the application.

Unrestricted File Upload

SAP Transportation Management (Collaboration Portal)

CVE-2024-37171 5 - Medium - July 09, 2024

SAP Transportation Management (Collaboration Portal) allows an attacker with non-administrative privileges to send a crafted request from a vulnerable web application. This will trigger the application handler to send a request to an unintended service, which may reveal information about that service. The information obtained could be used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability. There is no effect on integrity or availability of the application.

SSRF

SAP S/4HANA Finance (Advanced Payment Management) does not perform necessary authorization check for an authenticated user

CVE-2024-37172 5.4 - Medium - July 09, 2024

SAP S/4HANA Finance (Advanced Payment Management) does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. As a result, it has a low impact to confidentiality and availability but there is no impact on the integrity.

AuthZ

SAP CRM WebClient does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges

CVE-2024-37175 6.5 - Medium - July 09, 2024

SAP CRM WebClient does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to access some sensitive information.

AuthZ

Due to weak encoding of user-controlled input in SAP NetWeaver Knowledge Management XMLEditor which

CVE-2024-34685 6.1 - Medium - July 09, 2024

Due to weak encoding of user-controlled input in SAP NetWeaver Knowledge Management XMLEditor which allows malicious scripts can be executed in the application, potentially leading to a Cross-Site Scripting (XSS) vulnerability. This has no impact on the availability of the application but it has a low impact on its confidentiality and integrity.

XSS

Due to insufficient input validation, SAP CRM WebClient UI

CVE-2024-37173 6.1 - Medium - July 09, 2024

Due to insufficient input validation, SAP CRM WebClient UI allows an unauthenticated attacker to craft a URL link which embeds a malicious script. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.

XSS

Custom CSS support option in SAP CRM WebClient UI does not sufficiently encode user-controlled inputs resulting in Cross-Site Scripting vulnerability

CVE-2024-37174 6.1 - Medium - July 09, 2024

Custom CSS support option in SAP CRM WebClient UI does not sufficiently encode user-controlled inputs resulting in Cross-Site Scripting vulnerability. On successful exploitation an attacker can cause limited impact on confidentiality and integrity of the application.

XSS

Elements of PDCE does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges

CVE-2024-39592 6.5 - Medium - July 09, 2024

Elements of PDCE does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This allows an attacker to read sensitive information causing high impact on the confidentiality of the application.

AuthZ

SAP Landscape Management allows an authenticated user to read confidential data disclosed by the REST Provider Definition response

CVE-2024-39593 5.7 - Medium - July 09, 2024

SAP Landscape Management allows an authenticated user to read confidential data disclosed by the REST Provider Definition response. Successful exploitation can cause high impact on confidentiality of the managed entities.

Information Disclosure

SAP CRM (WebClient UI Framework)

CVE-2024-39598 7.7 - High - July 09, 2024

SAP CRM (WebClient UI Framework) allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the application.

SSRF

Manage Incoming Payment Files (F1680) of SAP S/4HANA does not perform necessary authorization checks for an authenticated user

CVE-2024-34691 6.5 - Medium - June 11, 2024

Manage Incoming Payment Files (F1680) of SAP S/4HANA does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. As a result, it has high impact on integrity and no impact on the confidentiality and availability of the system.

AuthZ

Due to insufficient input validation, SAP CRM WebClient UI

CVE-2024-34686 6.1 - Medium - June 11, 2024

Due to insufficient input validation, SAP CRM WebClient UI allows an unauthenticated attacker to craft a URL link which embeds a malicious script. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.

XSS

SAP NetWeaver and ABAP platform allows an attacker to impede performance for legitimate users by crashing or flooding the service

CVE-2024-33001 6.5 - Medium - June 11, 2024

SAP NetWeaver and ABAP platform allows an attacker to impede performance for legitimate users by crashing or flooding the service. An impact of this Denial of Service vulnerability might be long response delays and service interruptions, thus degrading the service quality experienced by legitimate users causing high impact on availability of the application.

An authenticated attacker can upload malicious file to SAP Document Builder service

CVE-2024-34683 6.5 - Medium - June 11, 2024

An authenticated attacker can upload malicious file to SAP Document Builder service. When the victim accesses this file, the attacker is allowed to access, modify, or make the related information unavailable in the victims browser.

Unrestricted File Upload

On Unix, SAP BusinessObjects Business Intelligence Platform (Scheduling)

CVE-2024-34684 6 - Medium - June 11, 2024

On Unix, SAP BusinessObjects Business Intelligence Platform (Scheduling) allows an authenticated attacker with administrator access on the local server to access the password of a local account. As a result, an attacker can obtain non-administrative user credentials, which will allow them to read or modify the remote server files.

Information Disclosure

Due to unrestricted access to the Meta Model Repository services in SAP NetWeaver AS Java, attackers can perform DoS attacks on the application, which may prevent legitimate users

CVE-2024-34688 7.5 - High - June 11, 2024

Due to unrestricted access to the Meta Model Repository services in SAP NetWeaver AS Java, attackers can perform DoS attacks on the application, which may prevent legitimate users from accessing it. This can result in no impact on confidentiality and integrity but a high impact on the availability of the application.

Resource Exhaustion

SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users

CVE-2024-34690 5.4 - Medium - June 11, 2024

SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could allow an attacker to access and edit non-sensitive report variants that are typically restricted, causing minimal impact on the confidentiality and integrity of the application.

AuthZ

SAP BW/4HANA Transformation and Data Transfer Process (DTP)

CVE-2024-37176 5.4 - Medium - June 11, 2024

SAP BW/4HANA Transformation and Data Transfer Process (DTP) allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks. This results in escalation of privileges. It has no impact on the confidentiality of data but may have low impacts on the integrity and availability of the application.

AuthZ

SAP NetWeaver AS Java (CAF - Guided Procedures)

CVE-2024-28164 5.3 - Medium - June 11, 2024

SAP NetWeaver AS Java (CAF - Guided Procedures) allows an unauthenticated user to access non-sensitive information about the server which would otherwise be restricted causing low impact on confidentiality of the application.

Information Disclosure

SAP Companion - version <3.1.38, has a URL with parameter that could be vulnerable to XSS attack

CVE-2024-22129 7.6 - High - February 13, 2024

SAP Companion - version <3.1.38, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information and cause minor impact on the integrity of the web application.

XSS

SAP Master Data Governance for Material Data - versions 618

CVE-2024-24741 4.3 - Medium - February 13, 2024

SAP Master Data Governance for Material Data - versions 618, 619, 620, 621, 622, 800, 801, 802, 803, 804, does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read some sensitive information but no impact to integrity and availability.

AuthZ

The SAP Fiori app (My Overtime Request) - version 605, does not perform the necessary authorization checks for an authenticated user

CVE-2024-25643 4.3 - Medium - February 13, 2024

The SAP Fiori app (My Overtime Request) - version 605, does not perform the necessary authorization checks for an authenticated user which may result in an escalation of privileges. It is possible to manipulate the URLs of data requests to access information that the user should not have access to. There is no impact on integrity and availability.

AuthZ

Print preview option in SAP CRM WebClient UI - versions S4FND 102

CVE-2024-22130 5.4 - Medium - February 13, 2024

Print preview option in SAP CRM WebClient UI - versions S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, S4FND 108, WEBCUIF 700, WEBCUIF 701, WEBCUIF 730, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability. An attacker with low privileges can cause limited impact to confidentiality and integrity of the appliaction data after successful exploitation.

XSS

In SAP ABA (Application Basis) - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75I, an attacker authenticated as a user with a remote execution authorization

CVE-2024-22131 7.2 - High - February 13, 2024

In SAP ABA (Application Basis) - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75I, an attacker authenticated as a user with a remote execution authorization can use a vulnerable interface. This allows the attacker to use the interface to invoke an application function to perform actions which they would not normally be permitted to perform.  Depending on the function executed, the attack can read or modify any user/business data and can make the entire system unavailable.

Code Injection

SAP IDES ECC-systems contain code

CVE-2024-22132 6.3 - Medium - February 13, 2024

SAP IDES ECC-systems contain code that permits the execution of arbitrary program code of user's choice.An attacker can therefore control the behaviour of the system by executing malicious code which can potentially escalate privileges with low impact on confidentiality, integrity and availability of the system.

Shell injection

SAP Bank Account Management (BAM)

CVE-2024-24739 6.3 - Medium - February 13, 2024

SAP Bank Account Management (BAM) allows an authenticated user with restricted access to use functions which can result in escalation of privileges with low impact on confidentiality, integrity and availability of the application.

AuthZ

SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.93, KERNEL 7.94, KRNL64UC 7.53, under certain conditions, 

CVE-2024-24740 5.3 - Medium - February 13, 2024

SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.93, KERNEL 7.94, KRNL64UC 7.53, under certain conditions, allows an attacker to access information which could otherwise be restricted with low impact on confidentiality of the application.

Incorrect Permission Assignment for Critical Resource

SAP CRM WebClient UI - version S4FND 102

CVE-2024-24742 4.1 - Medium - February 13, 2024

SAP CRM WebClient UI - version S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can cause limited impact to integrity of the application data after successful exploitation. There is no impact on confidentiality and availability.

XSS

SAP NetWeaver AS Java (CAF - Guided Procedures) - version 7.50

CVE-2024-24743 7.5 - High - February 13, 2024

SAP NetWeaver AS Java (CAF - Guided Procedures) - version 7.50, allows an unauthenticated attacker to submit a malicious request with a crafted XML file over the network, which when parsed will enable him to access sensitive files and data but not modify them. There are expansion limits in place so that availability is not affected.

XXE

Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker

CVE-2024-25642 7.4 - High - February 13, 2024

Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the availability of the system.

Improper Certificate Validation

SAP NWBC for HTML - versions SAP_UI 754

CVE-2024-22128 6.1 - Medium - February 13, 2024

SAP NWBC for HTML - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker can inject malicious javascript to cause limited impact to confidentiality and integrity of the application data after successful exploitation.

The User Admin application of SAP NetWeaver AS for Java - version 7.50

CVE-2024-22126 8.8 - High - February 13, 2024

The User Admin application of SAP NetWeaver AS for Java - version 7.50, insufficiently validates and improperly encodes the incoming URL parameters before including them into the redirect URL. This results in Cross-Site Scripting (XSS) vulnerability, leading to a high impact on confidentiality and mild impact on integrity and availability.

XSS

Under certain conditions, Internet Communication Manager (ICM) or SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22_EXT, WEBDISP 7.22_EXT, WEBDISP 7.53, WEBDISP 7.54, could 

CVE-2024-22124 7.5 - High - January 09, 2024

Under certain conditions, Internet Communication Manager (ICM) or SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22_EXT, WEBDISP 7.22_EXT, WEBDISP 7.53, WEBDISP 7.54, could allow an attacker to access information which would otherwise be restricted causing high impact on confidentiality.

SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does not perform necessary authorization checks

CVE-2024-21736 6.5 - Medium - January 09, 2024

SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does not perform necessary authorization checks. A function import could be triggered allowing the attacker to create in-house bank accounts leading to low impact on the confidentiality of the application.

AuthZ

In SAP Application Interface Framework File Adapter - version 702, a high privilege user

CVE-2024-21737 9.1 - Critical - January 09, 2024

In SAP Application Interface Framework File Adapter - version 702, a high privilege user can use a function module to traverse through various layers and execute OS commands directly. By this, such user can control the behaviour of the application. This leads to considerable impact on confidentiality, integrity and availability.

Code Injection

Under certain conditions the Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge) - version 1.0

CVE-2024-22125 7.5 - High - January 09, 2024

Under certain conditions the Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge) - version 1.0, allows an attacker to access highly sensitive information which would otherwise be restricted causing high impact on confidentiality.

SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs

CVE-2024-21738 5.4 - Medium - January 09, 2024

SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can cause limited impact to confidentiality of the application data after successful exploitation.

XSS

SAP LT Replication Server - version S4CORE 103

CVE-2024-21735 7.2 - High - January 09, 2024

SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, does not perform necessary authorization checks. This could allow an attacker with high privileges to perform unintended actions, resulting in escalation of privileges, which has High impact on confidentiality, integrity and availability of the system.

AuthZ

SAP Marketing (Contacts App) - version 160

CVE-2024-21734 5.4 - Medium - January 09, 2024

SAP Marketing (Contacts App) - version 160, allows an attacker with low privileges to trick a user to open malicious page which could lead to a very convincing phishing attack with low impact on confidentiality and integrity of the application.

Open Redirect

SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go) - versions < 0.17.0

CVE-2023-50424 9.8 - Critical - December 12, 2023

SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go) - versions < 0.17.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.

Exposed Dangerous Method or Function

SAP Solution Manager - version 720

CVE-2023-49587 6.4 - Medium - December 12, 2023

SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network.

Command Injection

SAP BTP Security Services Integration Library ([Python] sap-xssec) - versions < 4.1.0

CVE-2023-50423 9.8 - Critical - December 12, 2023

SAP BTP Security Services Integration Library ([Python] sap-xssec) - versions < 4.1.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.

Exposed Dangerous Method or Function

SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) - versions below 2.17.0 and versions from 3.0.0 to before 3.3.0

CVE-2023-50422 9.8 - Critical - December 12, 2023

SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) - versions below 2.17.0 and versions from 3.0.0 to before 3.3.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.

Exposed Dangerous Method or Function

SAP BTP Security Services Integration Library ([Node.js] @sap/xssec - versions < 3.6.0

CVE-2023-49583 9.8 - Critical - December 12, 2023

SAP BTP Security Services Integration Library ([Node.js] @sap/xssec - versions < 3.6.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.

Exposed Dangerous Method or Function

SAP Fiori launchpad - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, UI_700 200, SAP_BASIS 793

CVE-2023-49584 4.3 - Medium - December 12, 2023

SAP Fiori launchpad - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, UI_700 200, SAP_BASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application.

HTTP Request Smuggling

Due to lack of proper authorization checks in Emarsys SDK for Android, an attacker can call a particular activity and can forward himself web pages and/or deep links without any validation directly

CVE-2023-6542 7.1 - High - December 12, 2023

Due to lack of proper authorization checks in Emarsys SDK for Android, an attacker can call a particular activity and can forward himself web pages and/or deep links without any validation directly from the host application. On successful attack, an attacker could navigate to arbitrary URL including application deep links on the device.

AuthZ

SAP GUI for Windows and SAP GUI for Java 

CVE-2023-49581 9.4 - Critical - December 12, 2023

SAP GUI for Windows and SAP GUI for Java allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to write data to a database table. By doing so the attacker could increase response times of the AS ABAP, leading to mild impact on availability.

SQL Injection

SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758

CVE-2023-49580 7.3 - High - December 12, 2023

SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to create Layout configurations of the ABAP List Viewer and with this causing a mild impact on integrity and availability, e.g. also increasing the response times of the AS ABAP.

The SAP HCM (SMART PAYE solution) - versions S4HCMCIE 100

CVE-2023-49577 6.1 - Medium - December 12, 2023

The SAP HCM (SMART PAYE solution) - versions S4HCMCIE 100, SAP_HRCIE 600, SAP_HRCIE 604, SAP_HRCIE 608, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application.

XSS

SAP Cloud Connector - version 2.0

CVE-2023-49578 3.5 - Low - December 12, 2023

SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform Denial of service attack from adjacent UI by sending a malicious request which leads to low impact on the availability and no impact on confidentiality or Integrity  of the application.

Incorrect Permission Assignment for Critical Resource

An unauthenticated attacker can embed a hidden access to a Biller Direct URL in a frame

CVE-2023-42479 6.1 - Medium - December 12, 2023

An unauthenticated attacker can embed a hidden access to a Biller Direct URL in a frame which, when loaded by the user, will submit a cross-site scripting request to the Biller Direct system. This can result in the disclosure or modification of non-sensitive information.

XSS

In SAP Commerce Cloud - versions HY_COM 1905, HY_COM 2005, HY_COM2105, HY_COM 2011, HY_COM 2205, COM_CLOUD 2211, a locked B2B user

CVE-2023-42481 8.1 - High - December 12, 2023

In SAP Commerce Cloud - versions HY_COM 1905, HY_COM 2005, HY_COM2105, HY_COM 2011, HY_COM 2205, COM_CLOUD 2211, a locked B2B user can misuse the forgotten password functionality to un-block his user account again and re-gain access if SAP Commerce Cloud - Composable Storefront is used as storefront, due to weak access controls in place. This leads to a considerable impact on confidentiality and integrity.

Weak Password Recovery Mechanism for Forgotten Password

SAP Business Objects Business Intelligence Platform is vulnerable to stored XSS

CVE-2023-42478 7.6 - High - December 12, 2023

SAP Business Objects Business Intelligence Platform is vulnerable to stored XSS allowing an attacker to upload agnostic documents in the system which when opened by any other user could lead to high impact on integrity of the application.

XSS

SAP Master Data Governance File Upload application 

CVE-2023-49058 5.3 - Medium - December 12, 2023

SAP Master Data Governance File Upload application allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing traverse to parent directory are passed through to the file APIs. As a result, it has a low impact to the confidentiality.

Directory traversal

SAP Business Objects Web Intelligence - version 420

CVE-2023-42476 6.8 - Medium - December 12, 2023

SAP Business Objects Web Intelligence - version 420, allows an authenticated attacker to inject JavaScript code into Web Intelligence documents which is then executed in the victims browser each time the vulnerable page is visited. Successful exploitation can lead to exposure of the data that the user has access to. In the worst case, attacker could access data from reporting databases.

XSS

SAP Business One installation - version 10.0, does not perform proper authentication and authorization checks for SMB shared folder

CVE-2023-31403 8 - High - November 14, 2023

SAP Business One installation - version 10.0, does not perform proper authentication and authorization checks for SMB shared folder. As a result, any malicious user can read and write to the SMB shared folder. Additionally, the files in the folder can be executed or be used by the installation process leading to considerable impact on confidentiality, integrity and availability.

AuthZ

Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KERNEL 7.94, KERNEL64UC 7.22, KERNEL64UC 7.22EXT, KERNEL64UC 7.53, KERNEL64NUC 7.22, KERNEL64NUC 7.22EXT

CVE-2023-41366 5.3 - Medium - November 14, 2023

Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KERNEL 7.94, KERNEL64UC 7.22, KERNEL64UC 7.22EXT, KERNEL64UC 7.53, KERNEL64NUC 7.22, KERNEL64NUC 7.22EXT, allows an unauthenticated attacker to access the unintended data due to the lack of restrictions applied which may lead to low impact in confidentiality and no impact on the integrity and availability of the application.

The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50

CVE-2023-42480 5.3 - Medium - November 14, 2023

The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute force the login functionality to identify the legitimate user ids. This will have an impact on confidentiality but there is no other impact on integrity or availability.

In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-FRAME-OPTIONS response header is not implemented

CVE-2023-36920 6.1 - Medium - October 30, 2023

In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-FRAME-OPTIONS response header is not implemented, allowing an unauthenticated attacker to attempt clickjacking, which could result in disclosure or modification of information.

Clickjacking

SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack

CVE-2023-42474 5.4 - Medium - October 10, 2023

SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information.

XSS

S/4HANA Manage (Withholding Tax Items) - version 106, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges

CVE-2023-42473 5.4 - Medium - October 10, 2023

S/4HANA Manage (Withholding Tax Items) - version 106, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges which has low impact on the confidentiality and integrity of the application.

AuthZ

SAP Business One (B1i) - version 10.0

CVE-2023-41365 4.3 - Medium - October 10, 2023

SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details stack trace of the fault message to conduct the XXE injection, which will lead to information disclosure. After successful exploitation, an attacker can cause limited impact on the confidentiality and no impact to the integrity and availability.

XXE

The Statutory Reporting application has a vulnerable file storage location

CVE-2023-42475 4.3 - Medium - October 10, 2023

The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to read server files with minimal impact on confidentiality.

Generation of Error Message Containing Sensitive Information

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.